SWAT...
Bruce
bruce at toorak.com
Wed Nov 15 03:01:04 GMT 2000
Thanks Martin,
Yes we have a heavy duty block on anything 137/138/139 amongst others.
We average 7500 attempted "hackhits" per week. Thats why I asked the question.
Regards,
Bruce.
>Bruce wrote:
>
>> Hi there,
>> We have Samba 2.07 running wonderfully on SuSE linux in an internal
>>network of
>> Windows crap everywhere (98/NT/2000/ME/...) However to protect ourselves
>> from the the outside world, I only allow connections from an internal range
>> of Class C addresses. (192.168...) on an internal ethernet card. Nothing
>> else is permitted.
>>
>> However to manage the site it would be nice to be able to use SWAT from the
>> Internet and connect to an external ethernet interface on port 901 and ONLY
>> allow transactions to port 901 and not 137/138/139 on that ethernet card.
>>
>> Is there a way WITHOUT using IPCHAINS and WITHOUT enabling smb ethernet
>>access
>> on the external ethernet card.
>
>Yes, configure your firewall. You DO have a firewall between all that
>netbios nonsense and the internet, don't you?
More information about the samba
mailing list